My search engines have been hacked

Well today I tryed to use google and it looked diffrent I just couldn't put my finger on it. But then I relozed that the "I'm feelin Lucky" button wasn't there. So I knew I had a virus or spyware and I tryed to get rid of it withg "mcaffe. Spybot, adware, and system restore." Also did trendmicro's free scan. None of those worked. Also when i do try to surch for something it's just spam. And if I click on "Images, groups, prefince, advance search, ETC." It just goes to www.google.com/# . SO how do I get rid of this unige virus?

heres a pic:
http://img237.echo.cx/my.php?image=googlehavk2aw.jpg

P.S. I also can't accsess my gmail account either

 

Wow, that is big. Your resolution is small?

Anyway....follow these directions.....EXACTLY these directions....

http://forums.majorgeeks.com/showthread.php?t=35407

(click the link and read)......

 

After doing ALL of the steps in the READ ME and you still have a problem:


http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

 

I did the steps the first person told me to do but that didn't work heres my Hijackthis log.

 

Please download HOSTER and then follow the below steps.

• Unzip Hoster to a convenient folder such as C:\Hoster

• Run Hoster.exe, click Restore Original Hosts and then click OK.
• Click the X to exit the program.

Please boot into Safe Mode with the Viewing of Hidden Files & Folders Enabled


Now scan with HijackThis and Check the Boxes for the following:

Make sure All Browser Windows are Closed when you Click FIX.

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
(Keep this if you need it)

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O16 - DPF: {2FE28C1F-BF47-4643-AEFD-61C0073392BA} - http://install.getda****.com/loader/azeloader.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab

O20 - Winlogon Notify: scss - scss.dll (file missing)

O23 - Service: Workstation Service Library (Microsoft Locator Service) - Unknown owner - C:\WINDOWS\wkssvc.exe

Again, make sure All Browser Windows are Closed when you Click FIX.

NOW:
Click Start > Run > type services.msc and Click OK

Locate Workstation Service Library (Microsoft Locator Service) and RightClick on it to bring up the Service Properties Window.
First: Stop the service by clicking the Stop Button.
Next: Disable it by changing the Startup Type to Disabled and click Apply

NOW:
Navigate to and DELETE the following if they should remain:

C:\WINDOWS\wkssvc.exe

NEXT:
Run CCleaner and Spybot S&D and have Spybot fix what it finds.
Note: Dont forget to update Spybot S&D by selecting "Search For Updates"

Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.


Reboot to Normal Windows , Scan with HijackThis and attach the new log.

 

OK I did the steps that I was suppose to do and I went to google and no luck so far Heres my new log:

 

So what next do I do??

 

Your Operating System and Internet Explorer versions are WAY out of date and represent a major security risk. After we fix your current problems, you must get updated. You need to install Service Pack 2 for security purposes.

It doesnt look like you didnt anything from my previous post. You have more now than you did before. You must do every bit of these fixes and everything in a timely manner or this will continue to get worse and worse.

Please download HOSTER and then follow the below steps.

• Unzip Hoster to a convenient folder such as C:\Hoster

• Run Hoster.exe, click Restore Original Hosts and then click OK.
• Click the X to exit the program.

Now go into Control Panel and look for and uninstall the following programs if found:

WebSearch Toolbar

Toolbar

WinTools by Websearch

(Anything you see that says WebSearch or Search, remove it!)

NOW:
Click Start > Run > type services.msc and Click OK

Locate Workstation Service Library (Microsoft Locator Service) and RightClick on it to bring up the Service Properties Window.
First: Stop the service by clicking the Stop Button.
Next: Disable it by changing the Startup Type to Disabled and click Apply

Now locate WebSeach Toolbar support NT service (TBPSSvc) and RightClick on it to bring up the Service Properties Window.
First: Stop the service by clicking the Stop Button.
Next: Disable it by changing the Startup Type to Disabled and click Apply

After you complete the above, attach a fresh HJT log.